Threat analyst
Hcl Technologies
Total years of experience: 6 years, 1 month
• Monitoring, analysing and managing real-time events for security devices using a SIEM tool.
• Perform detailed analysis of phishing mails and submit the analysis to the Cyber Defense Team for further action.
• Validate phishing mails by examining the mail headers, URLs, IP reputations and attachments, and identify their impact.
• Analyse attachments and URLs by dynamic methods using Cisco Threat Grid.
• Monitor, troubleshoot and triage incidents related to attacks such as DDoS, ransomware and credential validation attacks, and MITRE ATT&CK.
• Analyse the application that triggered a Symantec, MDATP or CS endpoint protection alert, using the application information, its hash and logs, to whitelist the application for the firm.
• Experience in Incident Response management with the Red Team.
• Responsible for proactive threat analysis and activities across the network, leveraging intelligence from multiple internal and external sources.
• Conduct threat hunt operations using known adversaries as well as Indicators of Attack (IOA) in order to detect adversaries with persistent access to the enterprise.
• Actively check for industry- and region-specific IOCs and threat actors.
• Conduct technical analysis on impacted systems to determine impact, scope and recovery from active and potential cyber incidents.
• Good exposure in Incident Management and Project Management.
• Practical insights into the creation of rules, dashboards, reports and custom properties.
• Involved with customers on weekly calls to understand their requirements and act accordingly to provide them better service.
Working in a SOC (Security Operations Centre) with multiple clients on Real-Time Threat Management using SIEM
• Involved in 24x7 security event monitoring, analysis, triage, incident alerting and reporting for multiple clients using SIEM.
• Identification, investigation and escalation of security threats to the client-side security team.
• Perform real-time log monitoring, security incident handling, investigation and escalation of security incidents with recommendations to mitigate the threat.
• Practical Insights to creation of Rules, Dashboards, Reports & Custom Properties
• Introduced Shift Handover report for better communication between each shift.
Associate Analyst,
• Conduct threat hunt operations using known adversaries as well as Indicators of Attack (IOA) in order to detect adversaries with persistent access to the enterprise.
• Actively check for industry- and region-specific IOCs and threat actors.
• Conduct technical analysis on impacted systems to determine impact, scope and recovery from active and potential cyber incidents.
• Good exposure in Incident Management.
• Practical insights into the creation of rules, dashboards, reports and custom properties.
• Involved with customers on weekly calls to understand their requirements and act accordingly to provide them better service.
Network Systems